Github Action for automatically pushing to Anvil

james.campbell · October 6, 2021, 11:38am

Here’s a ready to use Github Actions file, that will push your project up to Anvil whenever something is merged into the branch main or a new release is published.
I’d recommend creating three Secrets in the Github repo for the project: one for the ssh key, one for the anvil host info, and one for the project url at anvil.

The secret ANVIL_HOST should contain:

[anvil.works]:2222,[52.56.203.177]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCv1qTximy8Og3MYb8+MGqwtWBorLho9MLgC35oO9Lk445j8GagTor02ucAe+m9Jsk7zfUbRMcjwpjGxMTqdzafnBRfXe0pG5bXpTO274s3TMHGK8Tvl5tt8RLHZXmWmxbYtEQd6gfDffSBtY66p3I0aPNcTNPvM1Ls7QJziiVf8GZ7w0y57vAILNwEaTjXWfdhcxwHEUG/Joamx3LiHRwkiYpO5jkeNn+hGath3lmAoZGC+/DVAo7FFIqsRFWL82FpUZ5g8aOQ7BHZW4vI7RlfEvhBK+FW5wYR5/e8eLBRYAvTbmn25qBo/oSeAA8ZZMdnVb2CQuIm6xv/4isMCpkj

This is the same for everyone, however it could change in the future. You could also find this from looking at .ssh/known_hosts on a machine you use to push to anvil.

For the public/private key pair, the private key should be saved as a Github secret called ANVIL_SSH_KEY and the public key should be uploaded to anvil.

Finally, the secret ANVIL_REPO_URL should be the url anvil provides when you clone the repo. Alternatively this could be found using git remote -v.

All that’s left is to create the file .github/workflows/main.yml and paste in the content below.

name: CI
on:
    release:
        types: [published]
    push:
        branches: [main]
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v2
              with:
                fetch-depth: 0
            - name: Add SSH config
              env:
                  SSH_AUTH_SOCK: /tmp/ssh_agent.sock
              run: |
                  mkdir -p /home/runner/.ssh
                  echo "${{ secrets.ANVIL_HOST }}" > /home/runner/.ssh/known_hosts
                  echo "${{ secrets.ANVIL_SSH_KEY }}" > /home/runner/.ssh/github_actions
                  chmod 600 /home/runner/.ssh/github_actions
                  ssh-agent -a $SSH_AUTH_SOCK > /dev/null   
                  ssh-add /home/runner/.ssh/github_actions
            - name: Build and deploy
              env:
                  SSH_AUTH_SOCK: /tmp/ssh_agent.sock
              run: |
                  git config --global user.name "GitHubActions"
                  git config --global user.email "actions@github.com"
                  git remote add anvil "${{ secrets.ANVIL_REPO_URL }}"
                  git push anvil main:master --force

owen.campbell · October 6, 2021, 11:40am

Very nice!!

@stucork Looks like something we could use on Anvil Extras. What do you reckon?

stefano.menci · October 6, 2021, 12:36pm

What did this mean?

Can you give me a use case example?

james.campbell · October 6, 2021, 12:41pm

Sure! I you’re collaborating on an Anvil project with other developers, you’ll probably be using something like Github to manage Issue Tracking and handle Merge Requests. Once any changes have been merged into the main branch by another developer, they would need to be pushed to the repo at Anvil in order to take effect. This can get pretty repetitive, but the Github Action handles it for you.

stefano.menci · October 6, 2021, 12:50pm

I’m sorry, I’m still in the dark.

Who is this action for?
For the maintainer or the contributor?

I have made two little contributions to Anvil Extras and I don’t understand where this would fit in the workflow.

The way I interacted with Anvil Extras was via a pull request.
Is that in the picture here?

owen.campbell · October 6, 2021, 1:02pm

This isn’t just for Anvil Extras - it applies to any app that has its codebase on Github. However, let’s use your pull request as an example…

You forked the Anvil Extras repo, made your code changes and submitted a pull request (PR)
I or @stucork reviewed that PR and ,eventually, one of us will have merged it into the main branch.

At that point, the main branch needs pushing to anvil.works - that’s something only I can do as the production app is on my personal account. It has to be done manually by pulling the branch to my local machine and then pushing to anvil. If I’m not around or not available, it doesn’t happen.

This solution means we can configure github to do that final stage for us whenever a change occurs on the main branch - regardless of whether I’m around or not.